Main Vulnerability Database Vulnerabilities #VU1368

Buffer overflow in Ichitaro - CVE-2007-1938

Published: December 16, 2016

Vulnerability identifier: #VU1368

CSH Severity: Critical

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red

CVE-ID: CVE-2007-1938

CWE-ID: CWE-119

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: JustSystems Corporation

Affected software:
Ichitaro

Detailed vulnerability description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing malicious documents. A remote attacker can create a specially crafted document, trick the victim into opening it, cause buffer overflow and execute arbitrary code on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Note: this vulnerability is being actively exploited.

How to mitigate CVE-2007-1938

Install patch from vendor's website.

Sources

http://www.justsystems.com/jp/info/pd7002.html

Buffer overflow in Ichitaro - CVE-2007-1938

Detailed vulnerability description

How to mitigate CVE-2007-1938

Sources

Please verify you're human